[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/1] Update OpenLDAP, fixing CVE-2015-6908
From: |
Leo Famulari |
Subject: |
Re: [PATCH 0/1] Update OpenLDAP, fixing CVE-2015-6908 |
Date: |
Sun, 24 Apr 2016 15:04:56 -0400 |
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Thu, Apr 21, 2016 at 02:57:48PM -0400, Leo Famulari wrote:
> There is a remote denial of service bug in OpenLDAP in version 2.4.42
> and earlier [0].
>
> This patch updates OpenLDAP to the latest version.
>
> This change will require several hundred packages to be rebuilt. Should
> it go on security-updates? Your advice requested...
Fixed on master, with a graft, as 80c13759745.
>
> [0]
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-6908
>
> Leo Famulari (1):
> gnu: openldap: Update to 2.4.44 [fixes CVE-2015-6908].
>
> gnu/packages/openldap.scm | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> --
> 2.7.4
>